The Doctors

Privacy Policy Statement

24355 Lyons Avenue, Suite 130
Newhall, CA 91321


Privacy Officer:  Practice Manager, 661-255-WELL (9355)

Purpose: The following privacy policy is to ensure that The Doctors’ Office (TDO) complies with requirements of the Health Insurance Portability & Accountability Act of 1996 (HIPPA) as well as California privacy protection laws and regulations. Protection of patient privacy is of paramount importance to TDO. Violations of any of these provisions knowingly or unknowingly will result in disciplinary action including termination of employment and possible referral for criminal prosecution.

Notice of Privacy Practices
This Notice of Privacy Policy will be provided to patients at their first encounter and all uses and disclosures of protected health information (PHI) will be accord with TDO’s notice of privacy practices. TDO will have copies of the most current Notice of Privacy Policy available for review and for distribution at the reception desk as well as posted on our web site www.thedoctorsofficescv.

Assigning Privacy and Security Responsibilities
Specific individuals at TDO are assigned the responsibility of implementing and maintaining the HIPAA Privacy and Security Rules’ requirements.  At a minimum, TDO will designate the Practice Manager as the privacy official.

Deceased Individuals
TDO privacy protections extend to information concerning deceased individuals.

Minimum Necessary Use and Disclosure of Protected Health Information
TDO will ensure that for all routine and recurring uses and disclosures of PHI (except for uses or disclosures made for treatment purposes; to or as authorized by the patient; or as required by law for HIPAA compliance) such uses and disclosures of PHI must be limited to the minimum amount of information needed to accomplish the purpose of disclosure.

Verification of Identity
TDO will ensure that the identity of all persons who request access to protected health information be verified before such access is granted.

Appropriate safeguards will be in place at TDO to reasonably protect health information from any intentional or unintentional use or disclosure that is in violation of the HIPAA Privacy Rule. These safeguards include physical protection of premises and PHI, technical protection of PHI maintained electronically and administrative protection of PHI. These safeguards will extend to the oral communication of PHI and to PHI removed from TDO.

Business Associates
TDO will ensure business associates comply with the HIPAA Privacy Rules to the same extent as TDO, and that they be contractually bound to protect health information to the same degree as set forth in this policy. Business associates permitted to receive PHI include, for example TDO’s billing service (Alexsys Medical Management), patients’ health insurers, and other healthcare providers with whom we consult and coordinate patients’ care or to whom we refer patients for specialized care. 

Training and Awareness
TDO will ensure that all employees are trained on the policies and procedures governing protected health information and how TDO complies with the HIPAA Privacy.  New employees will receive training within a reasonable time of employment. 

TDO will ensure that sanctions will be in effect for any member of the workforce who intentionally or unintentionally violates any of these policies or any procedures related to the fulfillment of these policies. Such sanctions will be recorded in the individual’s personnel file.

Retention of Records
TDO will adhere to the HIPAA Privacy records retention requirement of six years. All records designated by HIPAA in this retention requirement will be maintained in a manner that allows for access within a reasonable period of time. This records retention time requirement may be extended at TDO’s discretion to meet with other governmental regulations or those requirements imposed by our professional liability carrier.

TDO will investigate and resolve all complaints relating to the protection of health in a timely fashion. All complaints will be directed to Practice Manager, who is duly authorized to investigate complaints and implement resolutions.

Prohibited Activities-No Retaliation or Intimidation
No employee or contractor of TDO may engage in any intimidating or retaliatory acts against persons who file complaints or otherwise exercise their rights under HIPAA regulations. No employee or contractor may condition treatment or payment on the provision of an authorization to disclose protected health information.

Cooperation with Privacy Oversight Authorities
TDO will ensure that oversight agencies such as the Office for Civil Rights of the Department of Health and Human Services will receive cooperation in any investigation relative to protection of health information within TDO.   All personnel will cooperate fully with all privacy reviews and investigations.

Investigation and Enforcement
In addition to cooperation with Privacy Oversight Authorities, TDO will follow procedures to ensure that investigations are supported internally and staff of TDO will not be retaliated against for cooperation with any authority. It is our policy to attempt to resolve all investigations and avoid any penalty phase if at all possible.

For more information about HIPPA or to file a complaint:

Department of Health & Human Services
Office for Civil Rights, Region IX
90 7th Street, 4-100
San Francisco, CA 94103-6705

Designed and Hosted by Wildcat Technologies